Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > Reverse/Social Engineering
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #11  
Old 12-21-2003, 11:06 PM
Devine9 Devine9 is offline
Administrator
 
Join Date: Dec 2002
Posts: 180
Default

Ah, well welcome to the site. I'm sure we'll have many interesting conversations in the future. It's good to see a new face? ;)

Now for your question. I've found, at least throughout my years with programming, that on the web there is a great amount of tricks that you can perform upon users coming to a website. The problem lies in the fact that there are VERY few people in the world who can really code activex that is worth a shit. Me not being one of these people. Unfortunately I can't comment for sure on whether there is definitely possibilities within the activex environment, but there is most definitely a lot of information that the activex can gather that would be considered uncomfortable for the user.

Your email password: No I do no believe that there is any way in which the website would be able to simply grab your email password. There is though, many ways in which they could do it via a trojan horse application. In this scenario however, there is a major risk factor in that if a user's virus scanner detects such an occurance, that there is a big chance that the user will track the problem back to the site and notify the authorities of the incident. So this somewhat removes this potential problem.

In addition to this i'd like to clear up the misconceptions on your post in the way of scripting engines. Indeed there are quite a few scripting engines that can be installed on your system in order for system scripting to occur. These scripting engines, aside from javascript and other small visual browser script solutions, are run via server side, not client side. So in other words, there is no chance of remote execution of source code on a system due to just a compiler being installed. For example, if i install vc++, a website can not compile/execute vc++ code on my system through a web browsing scenario, and the same is true for perl/ tcl/tk /python/asp/jsp/php/etc..

Again, it's my understanding that there is only really the possiblity of uncomfortable data being accessed during execution of activex objects as they run client side, however i'm not an activex guru.

+Greythorne for one, i'm sure has more information for this topic, lets hope he stops by.

regards,

Devine Right
Reply With Quote
  #12  
Old 12-22-2003, 11:52 PM
quitsendingmetrash quitsendingmetrash is offline
Member
 
Join Date: Dec 2003
Posts: 29
Default

"...there is a great amount of tricks that you can perform upon users coming to a website."

Yes that's it. Tricks are the perfect analogy. I am looking at this without a programming background so forgive me if i am repeating myself, also i will try not to be to far-fetched.

Rather than implying that a webpage has some exotic or malicious code, I'll use a simpler concept.
By singling out the users with browser based email such as hotmail or yahoo. One can then assume the user will be logging into to their email via forms. Entering the user name and password into fields. The idea i have is that some how the web page would track form fields. Perhaps by copying to the clipboard anything that is entered into a field. A script could then steal the
input from the clipboard and submit it to the server's database.

Since we are talking social reversing here, lets modify the webPage so that it is singling out users who copy and paste their
passwords or who click the save password field. The webpage could obtain a password when it is copied to the clipboard.

Here is an example of a clipboardJacker-
h**p://tom.vpwsys.co.uk/clipboard/exploit.html
(i think it only works in internetExplorer)

My idea seems to be some form of a field hunter/viewer embedded in the webPage. No trojans, or superscripts needed. Just the ability to copy and paste. ok enough of that idea.

-----

I came across some html a while back ago that caught my eye.

<HTML>
<BODY>
<IFRAME src="\**.***.**.**">
</BODY>
</HTML>

Put your ip address in place of the stars. Nothing to fancy about this. Although i am sure there is an exploit for this
that could be used for remote access.

Maybe with smb one could use the html iframe script remotely.
h**p://samba.anu.edu.au/cifs/docs/what-is-smb.html

sna has remarked that iframes suck so i will not speak any more about them. although i wrote the above before he posted so i will leave it here.
the only question i have towards iframes-- is it possible to trick the server-client into thinking one is the other?

anyway, i seem to be slamming into a dead end. i started off as i intended, which was asking questions, and now here it seems i am making statements which is not what i had intended. now i must go do some research of my own and quit waisting other peoples time, on a subject that i have no knowledge about. let me see what i can turn up with in the next couple of months and i will let you know if i find anything that applies. although it is doubtfull that i will turn up with something that you already don't know.

to clarify my initial vision i will leave you with this.
At times it is easier to reverse the person rather than the box or the software. To obtain someones password you could hack their box. Although it may be easier to hack the person. I was just wondering if it would be applicable to use a webPage to hack the person. Anyway it really is not important to me to hack anyone. I was looking at it as more of a security issue when registering to a site.

many thanks goes to you Devine9 for clarifing my misconceptions with the python, tcl/tk interpreters. I had this little idea running in my head that it would be some how possible for a webPage to link to a file.py on my hardDrive. When the link was pressed my python interpreter would open up and run the source code.

and yes, i will also thank you sna for your preSight. saw the iframes coming did you?
Reply With Quote
  #13  
Old 12-23-2003, 06:41 AM
sna sna is offline
Administrator
 
Join Date: Jun 2003
Posts: 76
Default

Quote:
saw the iframes coming did you?
merry christmas
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.